commit ba99899e382c36f2804647398bd65d18ee8c90a9
author Janis Danisevskis <jdanis@google.com> Tue Dec 29 16:08:40 2020 -0800
committer Janis Danisevskis <jdanis@google.com> Wed Jan 06 12:58:51 2021 -0800
tree 07e8188a0df1af6ce6dd605f58950d5648c58cb8
parent 10688ac0818a01023771f9a381a1443814d55a58

Keystore 2.0: Initialize all KeyMint instances.

Test: Strongbox CTS tests on Devices sporting Strongbox.
Bug: 173546020
Change-Id: Ief1983571c8a16979ed1e0ed7e4f636ab269ce8d

keystore2/src/error.rs

diff --git a/keystore2/src/error.rs b/keystore2/src/error.rs
index b4cf913..7227f62 100644
--- a/keystore2/src/error.rs
+++ b/keystore2/src/error.rs
@@ -38,7 +38,7 @@
 use keystore2_selinux as selinux;
 
 use android_system_keystore2::binder::{
-    ExceptionCode, Result as BinderResult, Status as BinderStatus,
+    ExceptionCode, Result as BinderResult, Status as BinderStatus, StatusCode,
 };
 
 /// This is the main Keystore error type. It wraps the Keystore `ResponseCode` generated
@@ -54,6 +54,9 @@
     /// Wraps a Binder exception code other than a service specific exception.
     #[error("Binder exception code {0:?}, {1:?}")]
     Binder(ExceptionCode, i32),
+    /// Wraps a Binder status code.
+    #[error("Binder transaction error {0:?}")]
+    BinderTransaction(StatusCode),
 }
 
 impl Error {
@@ -98,6 +101,28 @@
     })
 }
 
+/// This function is similar to map_km_error only that we don't expect
+/// any KeyMint error codes, we simply preserve the exception code and optional
+/// service specific exception.
+pub fn map_binder_status<T>(r: BinderResult<T>) -> Result<T, Error> {
+    r.map_err(|s| match s.exception_code() {
+        ExceptionCode::SERVICE_SPECIFIC => {
+            let se = s.service_specific_error();
+            Error::Binder(ExceptionCode::SERVICE_SPECIFIC, se)
+        }
+        ExceptionCode::TRANSACTION_FAILED => {
+            let e = s.transaction_error();
+            Error::BinderTransaction(e)
+        }
+        e_code => Error::Binder(e_code, 0),
+    })
+}
+
+/// This function maps a status code onto a Keystore Error.
+pub fn map_binder_status_code<T>(r: Result<T, StatusCode>) -> Result<T, Error> {
+    r.map_err(Error::BinderTransaction)
+}
+
 /// This function should be used by Keystore service calls to translate error conditions
 /// into service specific exceptions.
 ///
@@ -142,7 +167,9 @@
                 // If an Error::Binder reaches this stage we report a system error.
                 // The exception code and possible service specific error will be
                 // printed in the error log above.
-                Some(Error::Binder(_, _)) => ResponseCode::SYSTEM_ERROR.0,
+                Some(Error::Binder(_, _)) | Some(Error::BinderTransaction(_)) => {
+                    ResponseCode::SYSTEM_ERROR.0
+                }
                 None => match root_cause.downcast_ref::<selinux::Error>() {
                     Some(selinux::Error::PermissionDenied) => ResponseCode::PERMISSION_DENIED.0,
                     _ => ResponseCode::SYSTEM_ERROR.0,